package com.VolunteerPlatform.SecurityService;

import com.VolunteerPlatform.Dao.AdminIdentityDao;
import com.VolunteerPlatform.Entity.AdminIdentity;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.SaltSource;
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;

import java.util.Collection;
import java.util.List;

/**
 * Created by DoveXL on 2018/5/30.
 */
public class MyAuthenticationProvider implements AuthenticationProvider {

    private MyUserDetailsService myuserService;
    private Md5PasswordEncoder passwordEncoder;
    private SaltSource saltSource;

    @Autowired
    private AdminIdentityDao adminIdentityDao;


    /**
     * 自定义验证方式
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String username = authentication.getName();
        String password = (String) authentication.getCredentials();
        UserRoleDetails user = (UserRoleDetails) myuserService.loadUserByUsername(username);
        if(user == null){
            throw new BadCredentialsException("Username not found.");
        }
        //加密过程在这里体现
        if(user.getUserStatus().equals("Forbidden"))
        {
            throw  new BadCredentialsException("The Account is Forbidden.");
        }
        System.out.println(user.getPassword());
        System.out.println(password);

        if(user.getUserRoles().size()==0)
        {
            throw  new BadCredentialsException("The Account has no Role.");
        }else
        {
            String Role = user.getUserRoles().get(0).getAdminID();
            System.out.println(Role);
            List<AdminIdentity> list = adminIdentityDao.getIdentityInfo(Role,"NotForbidden",-1,-1);
            if(list.size()==0)
            {
                throw  new BadCredentialsException("The Account‘s Role has been Forbidden.");
            }
        }
        //
        String Newpassword = passwordEncoder.encodePassword(password,saltSource);
        System.out.println(password);
        System.out.println(Newpassword);
        if (!Newpassword.equals(user.getPassword())) {
            throw new BadCredentialsException("Wrong password.");
        }

        Collection<? extends GrantedAuthority> authorities = user.getAuthorities();
        return new UsernamePasswordAuthenticationToken(user, password, authorities);
    }

    @Override
    public boolean supports(Class<?> arg0) {
        return true;
    }

    public void setMyuserService(MyUserDetailsService MyuserService) {
        myuserService = MyuserService;
    }

    public MyUserDetailsService getMyuserService() {
        return myuserService;
    }

    public void setPasswordEncoder(Md5PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public Md5PasswordEncoder getPasswordEncoder() {
        return passwordEncoder;
    }

    public void setSaltSource(SaltSource saltSource) {
        this.saltSource = saltSource;
    }

    public SaltSource getSaltSource() {
        return saltSource;
    }
}
